Vendor

CAF

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	Sev	Risk	CVSS	Published	Description
CVE-2018-11302	CAF Android for MSM	Hig	0.51	7.8	Sep 18, 2018	In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check of input received from userspace before copying into buffer can lead to potential array overflow in WLAN.
CVE-2018-5854	CAF fastboot	Hig	0.51	7.8	Jun 15, 2018	A stack-based buffer overflow can occur in fastboot from all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.
CVE-2018-3582	CAF Android	Hig	0.51	7.8	Jun 12, 2018	Buffer overflow can occur due to improper input validation in multiple WMA event handler functions in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
CVE-2018-11818	CAF Android for MSM	Hig	0.46	7.0	Sep 18, 2018	In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, LUT configuration is passed down to driver from userspace via ioctl. Simultaneous update from userspace while kernel drivers are updating LUT registers can lead to race…
CVE-2018-11275	CAF fastboot	Med	0.36	5.5	Sep 18, 2018	In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when flashing image using FastbootLib if size is not divisible by block size, information leak occurs.

CVE-2018-11302HigSep 18, 2018
CAF
Android for MSM
risk 0.51cvss 7.8epss 0.00
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check of input received from userspace before copying into buffer can lead to potential array overflow in WLAN.
CVE-2018-5854HigJun 15, 2018
CAF
fastboot
risk 0.51cvss 7.8epss 0.00
A stack-based buffer overflow can occur in fastboot from all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.
CVE-2018-3582HigJun 12, 2018
CAF
Android
risk 0.51cvss 7.8epss 0.00
Buffer overflow can occur due to improper input validation in multiple WMA event handler functions in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
CVE-2018-11818HigSep 18, 2018
CAF
Android for MSM
risk 0.46cvss 7.0epss 0.00
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, LUT configuration is passed down to driver from userspace via ioctl. Simultaneous update from userspace while kernel drivers are updating LUT registers can lead to race…
CVE-2018-11275MedSep 18, 2018
CAF
fastboot
risk 0.36cvss 5.5epss 0.00
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when flashing image using FastbootLib if size is not divisible by block size, information leak occurs.